#71832 - [PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1

GNU bug report logs - #71832
[PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1

Reported by: Ian Eure <ian <at> retrospec.tv>

Date: Sat, 29 Jun 2024 03:58:01 UTC

Severity: normal

Tags: patch

Done: Vagrant Cascadian <vagrant <at> debian.org>

Bug is archived. No further changes may be made.

Message #55 received at 71832 <at> debbugs.gnu.org (full text, mbox):

From: Ian Eure <ian <at> retrospec.tv> To: 71832 <at> debbugs.gnu.org Cc: control <at> debbugs.gnu.org, Ian Eure <ian <at> retrospec.tv> Subject: [PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1 Date: Tue, 30 Jul 2024 20:54:58 -0700

retitle 71832 [PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1 thanks New upstream versions of nss-rapid and LibreWolf. This contains security fixes for: CVE-2024-6605: Firefox Android missed activation delay to prevent tapjacking debugger eval code CVE-2024-6606: Out-of-bounds read in clipboard component debugger eval code CVE-2024-6607: Leaving pointerlock by pressing the escape key could be prevented debugger eval code CVE-2024-6608: Cursor could be moved out of the viewport using pointerlock. debugger eval code CVE-2024-6609: Memory corruption in NSS debugger eval code CVE-2024-6610: Form validation popups could block exiting full-screen mode debugger eval code CVE-2024-6600: Memory corruption in WebGL API debugger eval code CVE-2024-6601: Race condition in permission assignment debugger eval code CVE-2024-6602: Memory corruption in NSS debugger eval code CVE-2024-6603: Memory corruption in thread creation debugger eval code CVE-2024-6611: Incorrect handling of SameSite cookies debugger eval code CVE-2024-6612: CSP violation leakage when using devtools debugger eval code CVE-2024-6613: Incorrect listing of stack frames debugger eval code CVE-2024-6614: Incorrect listing of stack frames debugger eval code CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13 debugger eval code CVE-2024-6615: Memory safety bugs fixed in Firefox 128 and Thunderbird 128 This also includes a fix for the application icon not showing up in DEs. Ian Eure (3): gnu: Add nss-rapid. gnu: gnuzilla: Add skr to all-mozilla-locales. gnu: librewolf: Update to 128.0.3-1 gnu/packages/gnuzilla.scm | 1 + gnu/packages/librewolf.scm | 1054 ++++++++++++++++++------------------ gnu/packages/nss.scm | 80 ++- 3 files changed, 606 insertions(+), 529 deletions(-) -- 2.45.2

This bug report was last modified 276 days ago.

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #71832 [PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1

GNU bug report logs - #71832
[PATCH v5 0/3] [SECURITY] Add nss-rapid; update Librewolf to 128.0.3-1